๐Ÿ”’breach.co.nz ยท the NZ & Australia breach register ๐Ÿ›ก๏ธ A Govern service
Register โ€บ ๐Ÿ‡ฆ๐Ÿ‡บ AU โ€บ Retail
Retail sector ยท leaderboard
Own the Retail leaderboard
The top banner across the Retail overview and every Retail record โ€” one advertiser, exclusively.
Own this leaderboard โ†’ breach@govern.co.nz

Early Settler

๐Ÿ‡ฆ๐Ÿ‡บ Australia (NZ customers also affected) ยท Early Settler Pty Ltd ยท Record AU-2024-0724
โ—‹ Reported โ€” awaiting official confirmation
Reported โ€” awaiting official confirmation. The facts below are drawn from the organisation's own disclosure and credible reporting. Figures are as reported; unknowns are labelled, not estimated by us.
People affected
Not disclosed
Breach date
2024-07
Regulator
OAIC and ACSC; NZ Privacy Commissioner and CERT NZ notified
Trust tier
B ยท Reported

Data exposed

Full names, emails, phone numbers, delivery addresses and some dates of birth; the company said no payment-card data was stored or exposed Company-confirmed

Confidence: Confirmed = regulator/court ยท Company-confirmed = the organisation's own disclosure ยท Media-reported = press. Figures without an official source are labelled, not estimated.

What happened

In mid-2024 the furniture and homewares retailer Early Settler confirmed a data breach exposing customer contact information โ€” names, emails, phone numbers and delivery addresses, and some dates of birth [es-cd], [es-ib]. The company said no payment-card data was stored or exposed, and notified regulators in both Australia and New Zealand.

Current status

Disclosed. An attacker claimed roughly 1.1 million records; the company did not confirm a figure, so no count is asserted here.

Why it matters

Even a contact-details breach at a retailer feeds targeted phishing, and this one crossed the Tasman โ€” Australian and New Zealand customers alike.

GGOVERN Tabletop Exercises ยท Govern house Strengthen your cyber resilience โ€” rehearse the decisions that matter. Book a Discovery Call โ†’